<?php

/*
=====================================================
 FluxBB - Delux Board Converstations (DBC)
-----------------------------------------------------
 http://dbc-forum.com/
 http://fluxbb.org/
-----------------------------------------------------
 Copyright (c) 2010,2011 FluxBB - Delux Board Conversations (DBC)
-----------------------------------------------------
 Предсловие: Данный скрипт (DBC) не является работой с нуля, то 
 есть ядром скрипта всё также остаётся FuxBB,но теперь в оболочке
 DBC.
=====================================================
*/

define('DBC_ROOT', './');
define('DBC_REPUTATION', 1);
require DBC_ROOT.'engine/common.php';
require DBC_ROOT.'engine/parser.php';

require DBC_ROOT.'language/'.$DBC_user['language'].'/reputation.php';

$page_title = array(DBC_htmlspecialchars($DBC_config['o_board_title']), $lang_reputation['User reputation']);

// Include UTF-8 function
require DBC_ROOT.'engine/utf8/substr_replace.php';
require DBC_ROOT.'engine/utf8/ucwords.php'; // utf8_ucwords needs utf8_substr_replace
require DBC_ROOT.'engine/utf8/strcasecmp.php';

if ($DBC_user['g_rep_enable'] == 0)
	message($lang_reputation['Group Disabled']);
if ($DBC_user['reputation_enable_adm'] == 0)
	message($lang_reputation['Individual Disabled']);
if ($DBC_config['o_reputation_enabled'] == 0)
	message($lang_reputation['Disabled']);
if ($DBC_user['reputation_enable'] == 0)
	message($lang_reputation['Your Disabled']);




if (isset($_POST['form_sent']))
{

	if (isset($_POST['delete_rep_id'])) 
	{
		if ($DBC_user['g_id'] == DBC_ADMIN || $DBC_user['g_id'] == DBC_MOD) {
			$uid = intval($_GET['uid']);
			$p = intval($_GET['p']);
			if ($uid<2)
				message($lang_common['Bad request']);
				
			$idlist = implode(',', array_values($_POST['delete_rep_id']));
			confirm_referrer('reputation.php');

			$db->query('DELETE FROM '.$db->prefix.'reputation WHERE id IN('.$idlist.')') or error('Unable to delete reputation data.', __FILE__, __LINE__, $db->error());

		            $result = $db->query('SELECT SUM(rep_plus) AS plus, SUM(rep_minus) AS minus FROM '.$db->prefix.'reputation WHERE user_id='. $uid.'  GROUP BY user_id ') or error('Unable to counting rep', __FILE__, __LINE__, $db->error());
		            
		            if     (!$db->num_rows($result)) {
		                $rep['plus'] = 0;
		                $rep['minus'] = 0;
		            } else 
		                $rep =$db->fetch_assoc($result);
		            $db->query('UPDATE '.$db->prefix.'users SET rep_plus='.$rep['plus'].',rep_minus='.$rep['minus'].' WHERE  id='.$uid)  or error('Unable to update rep fo user', __FILE__, __LINE__, $db->error());
		
		            redirect('reputation.php?uid='.$uid.'&p='.$p, $lang_reputation['Deleted redirect']);
		        }
		        else
		        {
		        message($lang_common['No permission']);
		        }
		    }




	if ($DBC_user['is_guest'])
	message($lang_common['No permission']);

	$pid = isset($_POST['pid']) ? intval($_POST['pid']) : message($lang_common['Bad request']);
	$poster = isset($_POST['poster']) ? $_POST['poster'] : message($lang_common['Bad request']);
	$method = isset($_POST['method']) ? intval($_POST['method']) : message($lang_common['Bad request']);

	if ($method!=2 && $method!=1)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT p.poster, p.poster_id, p.posted, p.id, p.topic_id, t.subject, u.reputation_enable, r.time FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON p.topic_id=t.id INNER JOIN '.$db->prefix.'users AS u ON p.poster_id = u.id LEFT JOIN '.$db->prefix.'reputation AS r ON (r.from_user_id ='.$DBC_user["id"] .' AND  r.user_id = u.id) WHERE p.id='.$pid.' AND p.poster="'. $db->escape($poster) .'" ORDER BY r.time DESC LIMIT 0 , 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());

	if (!$db->num_rows($result))
		message($lang_common['Bad request']);
	$target = $db->fetch_assoc($result);

	//Check last reputation point given timestamp
	if ($target['time'])
	{
		if($DBC_config['o_reputation_timeout']*60 > (time()-$target['time']))
  			message($lang_reputation['Timeout 1'].$DBC_config['o_reputation_timeout'].$lang_reputation['Timeout 2']);
	}


	if ($target['reputation_enable']!=1)
		message($lang_reputation['User Disable']);

	// Prevent people from voting for themselves via URL hacking.
	if ($DBC_user["id"] == $target["poster_id"])
    	message($lang_reputation['Silly user']);

	if ((($DBC_user['g_rep_minus_min'] > $DBC_user['num_posts']) && ($method=2) ) || (($DBC_user['g_rep_plus_min'] >  $DBC_user['num_posts']) && ($method=1) ))
		message($lang_reputation['Small Number of post']);

	// Clean up message from POST
	$message = DBC_linebreaks(DBC_trim($_POST['req_message']));

	// Check message
	if ($message == '')
		message($lang_reputation['No message']);
	else if (strlen($message) > 400)
		message($lang_reputation['Too long message']);
	else if ($DBC_config['p_message_all_caps'] == '0' && strtoupper($message) == $message && $DBC_user['g_id'] > DBC_GUEST)
		$message = ucwords(strtolower($message));


	// Validate BBCode syntax
	if ($DBC_config['p_message_bbcode'] == '1' && strpos($message, '[') !== false && strpos($message, ']') !== false)
		$message = preparse_bbcode($message, $errors);

	$message = addslashes($message);
	if (isset($errors))
		message($errors[0]);
	if($method == 1)
	{	$rep_column="rep_plus";}
	else
	{$rep_column="rep_minus";}
	//Add voice
	$db->query("INSERT INTO ".$db->prefix."reputation (user_id, from_user_id, time, post_id, reason, topics_id, ". $rep_column .") Values ('". $target['poster_id'] . "', '" . $DBC_user["id"] ."', '" . mktime() . "', '" . $target['id'] ."', '" . $db->escape($message) . "', '". $target['topic_id'] . "', '1' )") or error('Unable to add reputation info', __FILE__, __LINE__, $db->error());

	$db->query('UPDATE '.$db->prefix.'users SET '.$rep_column.'='.$rep_column.'+1 WHERE  id='.$target['poster_id']);


	redirect('viewtopic.php?&pid=' .$pid .'#p' .$pid , $lang_reputation['Redirect Message']);
}

if ( isset($_GET['uid']) && !isset($_GET['method']))
{
	require DBC_ROOT.'engine/engine.php';
	$uid = intval($_GET['uid']);
	if ($uid<2)
		message($lang_common['Bad request']);

	$result = $db->query('SELECT u.username, u.rep_plus AS count_rep_plus, u.rep_minus AS count_rep_minus FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'reputation as r ON r.user_id=u.id WHERE u.id='.$uid.' GROUP by u.id') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
	if (!$db->num_rows($result))
		message($lang_common['Bad request']);
	$user_rep =$db->fetch_assoc($result);

	$result = $db->query('SELECT COUNT(*) FROM '.$db->prefix.'reputation WHERE user_id='.$uid) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
	list($num_rows) = $db->fetch_row($result);
	if ($num_rows>0)
	{
		$num_pages = ceil(($num_rows + 1) / $DBC_user['disp_posts']);
		$p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : $_GET['p'];
		$start_from = $DBC_user['disp_posts'] * ($p - 1);
		$paging_links = $lang_common['Pages'].': '.paginate($num_pages, $p, 'reputation_uid'.$uid);
		$result = $db->query('SELECT r.id, r.time, r.reason, r.post_id, r.rep_plus, r.rep_minus, r.user_id, t.subject, u2.username as from_user_name, u2.id as from_user_id FROM '.$db->prefix.'reputation AS r LEFT JOIN '.$db->prefix.'users AS u ON r.user_id = u.id LEFT JOIN '.$db->prefix.'topics AS t ON t.id=r.topics_id LEFT JOIN '.$db->prefix.'users AS u2 ON r.from_user_id = u2.id WHERE u.id='.$uid.' ORDER BY r.time DESC LIMIT '.$start_from.','.$DBC_user['disp_posts']) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());

		$is_admmod = ($DBC_user['g_id'] == DBC_ADMIN || $DBC_user['g_id'] == DBC_MOD) ? true : false;
		$form_del = "\t\t\t\t".'<form action="reputation.php?p='.$p.'&uid='.$uid.'" method="post" name="del_rep">';
		$form_end = "\t\t\t\t".'</form>';
		if ($is_admmod)
			echo $form_del . "\n". "\t\t\t\t".'<input type="hidden" name="form_sent" value="1" />'."\n";
///style="table-layout:fixed"
?>

	<div class="inbox crumbsplus">
		<div class="pagepost">

			<p class="pagelink conl"><span class="contacts"><?php echo $paging_links ?></span></p>
		</div>
		<div class="clearer"></div>
	</div>
	<br/>


<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_reputation['User reputation']. DBC_htmlspecialchars($user_rep['username']) . '&nbsp;&nbsp;<strong>[+'. $user_rep['count_rep_plus'] . ' / -' . $user_rep['count_rep_minus'] .'] &nbsp;</strong>' ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>


			<table height="17" style="height: 17px;" cellpadding="0" cellspacing="0" border="1" class="bg_forum_r blocktable">

			<thead>
				<tr>
					<td class="tc3" style="width:15%; text-align:center;" class="bg_forum_r" scope="col"><?php echo $lang_reputation['From user'] ?></td>
					<td class="tc3" style="width:15%; text-align:center;" class="tc3" class="bg_forum_r" scope="col"><?php echo $lang_reputation['For topic'] ?></td>
					<td class="tc3" style="width:<?php if ($is_admmod){ echo '35'; }else {echo '45';} ?>%; text-align:center;" class="bg_forum_r" scope="col"><?php echo $lang_reputation['Reason'] ?></td>
					<td class="tc3" style="width:10%; text-align:center;" class="bg_forum_r" scope="col"><?php echo $lang_reputation['Estimation'] ?></td>
					<td class="tc3" style="width:15%; text-align:center;" class="bg_forum_r" scope="col"><?php echo $lang_reputation['Date'] ?></td>
					<?php if ($is_admmod) echo '<td class="tc3" style="width:10%; text-align:center;" class="bg_forum_r" scope="col">'.$lang_reputation['Delete'].'</td>'; ?>
				</tr>
			</thead>
			</table>


<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv_c">
	<div class="box">
		<div class="inbox">







			<table cellspacing="0" class="blocktable">
			<thead>
				<tbody>
<?php
		while ($cur_rep = $db->fetch_assoc($result))
		{
			$cur_rep['reason']= parse_message($cur_rep['reason'], 0);
?>
					<tr>
						<td style="width:15%;"><?php echo $cur_rep['from_user_name'] ? '<a href="reputation.php?uid=' . $cur_rep['from_user_id'] . '">'. DBC_htmlspecialchars($cur_rep['from_user_name']).'</a>' :  $lang_reputation['Profile deleted'] ?></td>
						<td style="width:15%;"><?php echo $cur_rep['subject'] ? '<a href="viewtopic.php?pid=' . $cur_rep['post_id'] . '#p'. $cur_rep['post_id'] . '">'.DBC_htmlspecialchars($cur_rep['subject']).'</a>' : $lang_reputation['Removed or deleted'] ?></td>
						<td style="width:<?php if ($is_admmod){ echo '35'; }else {echo '45';} ?>%;"><?php echo $cur_rep['reason'] ?></td>
						<td style="text-align:center;width:10%;"><?php echo $cur_rep['rep_plus']==1 ? '<img src="templates/Default/images/warn_add.gif" alt="+" border="0">' : '<img src="templates/Default/images/warn_minus.gif" alt="-" border="0">'; ?></td>
						<td style="width:15%;"><?php echo format_time($cur_rep['time']) ?></td>
						<?php if ($is_admmod) echo '<td style="width:10%; text-align:center;"><input type="checkbox" name="delete_rep_id[]" value="'.$cur_rep['id'].'"></td>'; ?>
					</tr>
<?php
		}
	}
	else
	{
?>

<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_reputation['User reputation']. DBC_htmlspecialchars($user_rep['username']) . '&nbsp;&nbsp;<strong>[+'. $user_rep['count_rep_plus'] . ' / -' . $user_rep['count_rep_minus'] .'] &nbsp;</strong>' ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>

<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv_c">

	<div class="box">
		<div class="inbox">
			<table cellspacing="0" style="table-layout:fixed">
				<tbody>
					<tr><td ><?php echo $lang_reputation['No reputation'] ?></td></tr>
<?php
	}
?>
				</tbody>
			</table>
		</div>
	</div>
</div></td>
<td align="left" class="forum_adv_tright" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
</td></tr></table>
<table width="100%" height="23" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="30" class="bg_forum_bott_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_bott_center"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="center" width="30" class="bg_forum_bott_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></thead></table>

<div class="clearer"></div>
<div class="postlinksb">
	<div class="inbox">
		<p class="pagelink conl"></p>
<?php if ($is_admmod)	{ ?>
		<p class="postlink conr"><input class="fbutton" type="submit" name="del_rep" value="<?php echo $lang_reputation['Delete'] ?>" onclick="return confirm('<?php echo $lang_reputation['Are you sure']; ?>')" /></p>
<?php } ?>
		<div class="clearer"></div>
	</div>
</div>
<?php
$footer_style = 'index';
require DBC_ROOT.'engine/footer.php';
}

else

{

if (empty($_GET['pid']) || 	empty($_GET['method']) || empty($_GET['uid']) )
	message($lang_common['Bad request']);

if ($DBC_user['is_guest'])
	message($lang_common['No permission']);

$pid = intval($_GET['pid']);
$method = intval($_GET['method']);
$uid = intval($_GET['uid']);

// Prevent people from voting for themselves via URL hacking.
if ($DBC_user["id"] == $uid)
    message($lang_reputation['Silly user']);


if (($method!=1) && ($method!=2))
	message($lang_common['Bad request']);

$result = $db->query('SELECT r.time, u.username FROM '.$db->prefix.'users AS u LEFT JOIN '.$db->prefix.'reputation AS r ON ( r.user_id='.$uid.' AND r.from_user_id='.$DBC_user["id"].' ) WHERE u.id='.$uid.' ORDER BY r.time DESC LIMIT 0 , 1') or error('Unable to fetch time last voice info', __FILE__, __LINE__, $db->error());


if (!$db->num_rows($result))
	message($lang_common['Bad request']);
$target = $db->fetch_assoc($result);
//Check last reputation point given timestamp
if ($target['time'])
{
	if($DBC_config['o_reputation_timeout']*60 > (time()-$target['time']))
 			message($lang_reputation['Timeout 1'].$DBC_config['o_reputation_timeout'].$lang_reputation['Timeout 2']);
}

// Prevent people from voting for themselves via URL hacking.
if ($DBC_user["id"] == $uid)
    message($lang_reputation['Silly user']);

if ((($DBC_user['g_rep_minus_min'] > $DBC_user['num_posts']) && ($method=2) ) || (($DBC_user['g_rep_plus_min'] >  $DBC_user['num_posts']) && ($method=1) ))
	message($lang_reputation['Small Number of post']);

$poster=DBC_htmlspecialchars($target['username']);

require DBC_ROOT.'engine/engine.php';
$form = '<form action="reputation.php?" method="post" name="Reput" onSubmit="return Validate()">';
?>

<script language="javascript">
<!--
	function Validate() {
		var Max = 100;
		Length = document.Reput.req_message.value.length;
		if (( Length > Max) && ( Max > 0 )) {
			alert("<?php echo $lang_reputation['Max length of message'] ?> " + Max + " <?php echo $lang_reputation['You already of use'] ?> " + Length + " <?php echo $lang_reputation['Of symbol'] ?>");
			return false;
		} else {
			document.Reput.go.disabled = true;
			return true;
		}
	}
// -->
</script>
<?php echo $form."\n" ?>



<table width="100%" height="38" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="28" class="bg_forum_title_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_title_center"><span class="cat_title"><?php echo $lang_reputation['Form header'] ?></span></td>
<td align="center" width="28" class="bg_forum_title_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></table>

<table class="forum_adv_table"  width="100%" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" class="forum_adv_tleft" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" width="100%"><div class="forum_adv_c">
<div style="margin-top: 5px;" class="infldset">
	<div class="box">


		<div class="inbox2">
			<input type="hidden" name="form_sent" value="1" />
			<input type="hidden" name="pid" value="<?php echo $pid ?>" />
			<input type="hidden" name="poster" value="<?php echo $poster ?>" />
			<input type="hidden" name="method" value="<?php echo $method ?>" />
			<table cellspacing="0">
				<tr>
					<td  class="tc4" width="30%"><?php echo $lang_reputation['Form your name'] ?>:</td>
					<td  class="tc4" width="70%"><?php echo DBC_htmlspecialchars($DBC_user['username']) ?></td>
				</tr>
				<tr>
					<td class="tc4" width="30%"><?php echo $lang_reputation['Form to name'] ?>:</td>
					<td class="tc4" width="70%"><?php echo DBC_htmlspecialchars($poster) ?></td>
				</tr>
				<tr>
					<td class="tc4" width="30%"><?php echo $lang_reputation['Form reason'] ?>:</td>
					<td class="tc4" width="70%"><textarea class="input_text" cols='60' rows='10' wrap='soft' name="req_message" class='textinput'></textarea></td>
				</tr>
				<tr>
					<td class="tc4" width="30%"><?php echo $lang_reputation['Form method'] ?>:</td>
					<td class="tc4" width="70%"><?php echo  $method==1 ? $lang_reputation['Plus'] : $lang_reputation['Minus']; ?></td>
				</tr>
			</table>
			<table cellspacing="0">
				<tr>
					<td  class="tc4" style="text-align:center;"><input class="fbutton" type="submit" name="submit" value="<?php echo $lang_common['Submit'] ?>"> : <a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></td>
				</tr>
			</table>
		</div>
	</div></div>
</form>


</div></td>
<td align="left" class="forum_adv_tright" width="2"><img src="engine/skins/images/spacer.gif" border="0"></td>
</td></tr></table>
<table width="100%" height="23" border="0" cellpadding="0" cellspacing="0"><thead><tr>
<td align="left" width="30" class="bg_forum_bott_left"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="left" class="bg_forum_bott_center"><img src="engine/skins/images/spacer.gif" border="0"></td>
<td align="center" width="30" class="bg_forum_bott_right"><img src="engine/skins/images/spacer.gif" border="0"></td>
</tr></thead></table>





<?php
require DBC_ROOT.'engine/footer.php';
}
?>